You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by fm...@apache.org on 2011/11/23 23:19:00 UTC

svn commit: r1205635 - /sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/AuthWorkspaceTest.java

Author: fmeschbe
Date: Wed Nov 23 22:19:00 2011
New Revision: 1205635

URL: http://svn.apache.org/viewvc?rev=1205635&view=rev
Log:
SLING-2300 Integration tests to ensure the workspace AuthenticationInfo post processor properly works (need a component to create some test workspaces and a test itself to login to those workspaces)

Added:
    sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/AuthWorkspaceTest.java

Added: sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/AuthWorkspaceTest.java
URL: http://svn.apache.org/viewvc/sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/AuthWorkspaceTest.java?rev=1205635&view=auto
==============================================================================
--- sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/AuthWorkspaceTest.java (added)
+++ sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/login/AuthWorkspaceTest.java Wed Nov 23 22:19:00 2011
@@ -0,0 +1,90 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.launchpad.webapp.integrationtest.login;
+
+import java.net.URL;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.httpclient.Credentials;
+import org.apache.commons.httpclient.UsernamePasswordCredentials;
+import org.apache.commons.httpclient.auth.AuthScope;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.sling.commons.testing.integration.HttpTestBase;
+
+/** Verify that the sling:authRequestLogin parameter forces login */
+public class AuthWorkspaceTest extends HttpTestBase {
+    private final static String SESSION_INFO_PATH = "/system/sling/info.sessionInfo.json";
+
+    public void test_login_default() throws Exception {
+        testForcedLogin(null);
+    }
+
+    public void test_login_ws1() throws Exception {
+        testForcedLogin("ws1");
+    }
+
+    public void test_login_ws2() throws Exception {
+        testForcedLogin("ws2");
+    }
+
+    public void test_login_ws3() throws Exception {
+        testForcedLogin("ws3");
+    }
+
+    private void testForcedLogin(final String workspace) throws Exception {
+
+        final String wspPar = (workspace == null) ? "" : ("?j_workspace=" + workspace);
+
+        // disable credentials -> anonymous session
+        final URL url = new URL(HTTP_BASE_URL);
+        final AuthScope scope = new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM);
+        httpClient.getParams().setAuthenticationPreemptive(false);
+        httpClient.getState().setCredentials(scope, null);
+        {
+            final String content = getContent(HTTP_BASE_URL + SESSION_INFO_PATH + wspPar, CONTENT_TYPE_JSON);
+            assertJavascript("anonymous", content, "out.println(data.userID)");
+            if (workspace != null) {
+                assertJavascript(workspace, content, "out.println(data.workspace)");
+            }
+        }
+
+        // root must return 20x or 30x
+        final GetMethod get = new GetMethod(HTTP_BASE_URL + "/");
+        final int status = httpClient.executeMethod(get);
+        final int status10 = status / 10;
+        if (status10 != 20 && status10 != 30) {
+            fail("Expected 20x or 30x status, got " + status);
+        }
+
+        // root with sling:authRequestLogin=true must return 401
+        assertHttpStatus(HTTP_BASE_URL + "/?sling:authRequestLogin=true", HttpServletResponse.SC_UNAUTHORIZED);
+
+        // re-enable credentials -> admin session
+        httpClient.getParams().setAuthenticationPreemptive(true);
+        Credentials defaultcreds = new UsernamePasswordCredentials("admin", "admin");
+        httpClient.getState().setCredentials(scope, defaultcreds);
+        {
+            final String content = getContent(HTTP_BASE_URL + SESSION_INFO_PATH + wspPar, CONTENT_TYPE_JSON);
+            assertJavascript("admin", content, "out.println(data.userID)");
+            if (workspace != null) {
+                assertJavascript(workspace, content, "out.println(data.workspace)");
+            }
+        }
+    }
+
+}